The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security Identity Manager Active Directory adapter before 6.0.14 for IBM Security Identity Manager on Windows, when certain log and trace levels are configured, store the cleartext administrator password in a log file, which allows local users to obtain sensitive information by reading a file.
IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via vectors related to server side LDAP queries. IBM X-Force ID: 96173.
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on Windows, before 6.2.5.3 on AIX and Linux x86, and before 6.2.5.4 on Linux Z and Solaris; 6.3 before 6.3.2.1 on AIX, before 6.3.2.2 on Windows, and before 6.3.2.3 on Linux; 6.4 before 6.4.2.1; and 7.1 before 7.1.1 in IBM TSM for Mail, when the Data Protection for Lotus Domino component is used, allow local users to bypass authentication and restore a Domino database or transaction-log backup via unspecified vectors.
IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors.
IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images.
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an unattended workstation.
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote attackers to spoof users by leveraging knowledge of "traffic records."
The XML parser in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 allows remote authenticated administrators to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions, which allows remote attackers to access sessions by leveraging an unattended workstation.
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp.
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the portletServingEnabled parameter in ibm-portlet-ext.xmi, which allows remote attackers to bypass intended access restrictions via unknown vectors.
Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic.
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instructions in a management-port session.
The administrative console in IBM WebSphere Application Server (WAS) 8.0.0 before 8.0.0.11 and 8.5 before 8.5.5.6, when the Security feature is disabled, allows remote authenticated users to hijack sessions via the JSESSIONID parameter.
IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.6 includes SSH private keys during backup operations, which allows remote authenticated administrators to obtain sensitive information by reading a backup archive.
IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request.
The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote authenticated users to bypass intended restrictions on job creation and modification via unspecified vectors.
FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1.11.1 allows remote attackers to execute arbitrary code by connecting to the Mount port.
IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL.
IBM BigFix Remote Control before 9.1.3 does not properly restrict password choices, which makes it easier for remote attackers to obtain access via a brute-force approach.
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."
The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of service by leveraging an incorrect configuration. IBM X-Force ID: 91146.
The default configuration of IBM WebSphere Application Server (WAS) 7.0.0 before 7.0.0.39, 8.0.0 before 8.0.0.11, and 8.5 before 8.5.5.6 has a false value for the com.ibm.ws.webcontainer.disallowServeServletsByClassname WebContainer property, which allows remote attackers to obtain privileged access via unspecified vectors.
IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token. IBM X-Force ID: 89855.
IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. IBM X-Force ID: 83868.
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 260577.
IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls. IBM X-Force ID: 255073.
IBM Aspera Faspex 5.0.4 could allow a user to change other user's credentials due to improper access controls. IBM X-Force ID: 249847.
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.
IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 119737.
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 120252.
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. IBM Reference #: 1991584.
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.
IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926.
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 uses weak permissions for unspecified resources, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF30, 8.0.0 through 8.0.0.1 CF21, and 8.5.0 before CF12 allows remote authenticated users to cause a denial of service by uploading temporary files.
IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system.
IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent.
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications.
IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors.
IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request.